::Trend Micro Threat Resource Center::

30 December 2009

Twitter bans obvious passwords

Applause for Twitter, which has recently changed its sign-up process so that you can't choose one of those very obvious passwords when you create an account.

Here is a list of the passwords (courtesy of The Wundercounter)

So, if you currently use passwords which resemble any of those listed, I would encourage you to change them as soon as possible.
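The password list itself did not survive above, so the check below uses a small constructed denylist. It is an added example, not Twitter's code, of the sign-up rule the entry describes, generalised a little: the comparison is case-insensitive, undoes common character substitutions (P@ssw0rd1! is treated as password) and also rejects a password built from the username. The denylist entries and the minimum length are assumptions for illustration.

```python
import re

# Constructed sample denylist; a real deployment loads a far larger list.
COMMON_PASSWORDS = {
    "password", "123456", "qwerty", "letmein", "twitter", "abc123",
}

# Assumed policy value, not taken from the page.
MIN_LENGTH = 8

# Common "leetspeak" substitutions, undone before comparing.
LEET_MAP = str.maketrans({
    "0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s",
})

# Trailing digits/punctuation people bolt on to satisfy complexity rules.
TRAILING_JUNK = re.compile(r"[\d!@#$%^&*._-]+$")


def normalize(password: str) -> str:
    """Lower-case, drop trailing digits/punctuation, then undo leetspeak,
    so that 'P@ssw0rd1!' compares as 'password'."""
    lowered = password.lower()
    stripped = TRAILING_JUNK.sub("", lowered)
    return stripped.translate(LEET_MAP)


def is_obvious(password: str, denylist=COMMON_PASSWORDS, username: str = "") -> bool:
    """True if the password, raw or normalised, is on the denylist,
    or if it contains the account's username."""
    lowered = password.lower()
    if username and username.lower() in lowered:
        return True
    candidates = {lowered, normalize(password)}
    return any(c in denylist for c in candidates if c)


def validate_signup_password(password: str, username: str = ""):
    """Return (accepted, reason) for a proposed sign-up password."""
    if is_obvious(password, username=username):
        return False, "password is too common or derived from the username"
    if len(password) < MIN_LENGTH:
        return False, f"password must be at least {MIN_LENGTH} characters"
    return True, "ok"


if __name__ == "__main__":
    for pw in ["password", "P@ssw0rd1!", "123456", "correct horse battery staple"]:
        print(f"{pw!r}: {validate_signup_password(pw)}")
```

Normalising before the lookup matters: a plain string comparison would wave through P@ssw0rd1!, which every attacker's wordlist already contains in exactly that spelling.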

Researchers Prepare Practical Demonstration Of GSM Encryption Cracking Technology

GSM calls can be intercepted and decoded using low-cost hardware and open-source software, researchers say.

Security researchers Karsten Nohl and Chris Paget presented their findings in a presentation (WMV video) Monday at the 26th Chaos Communication Congress (CCC) in Berlin. A practical demonstration of the vulnerabilities and potential exploits is scheduled to take place at the conference on Wednesday at 12:00 GMT.

The demonstration is a follow-up to a presentation the two researchers made in August at the Hacking At Random conference, during which they outlined serious flaws in the GSM encryption scheme.

GSM is used in approximately 80 percent of the world's mobile communications systems, and in about 3 billion cell phones across the globe, according to industry estimates. In his CCC presentation yesterday, Nohl pointed out that much data has already been published about GSM's vulnerabilities, but the pair's new research takes it one step further -- by showing how GSM calls can be intercepted and decoded using relatively low-cost hardware and open-source software that is readily available on the Web.

Organizations should assume that within six months of the demo GSM phone calls will be at risk, says Stan Schatt, vice president and practice director for healthcare and security at ABI Research.

For full report, read here.

29 December 2009

Phishers prefer Paypal, Visa, eBay and Amex

Compared to the first half of 2009, the amount of phishing messages has remained relatively unchanged, although phishers have switched their focus to institutions that could bring them the most profit in the shortest timeframe. This is one of the results of BitDefender's malware and spam survey.

Primary targets are PayPal, Visa and eBay, followed by HSBC, American Express and Abbey Bank. Ally Bank and Bank of America rank last with a little over one percent of the total amount of phishing messages. These messages mostly target English-speaking computer users who are using the services of at least one of the institutions previously mentioned.

BitDefender Labs found that most web 2.0 phishing attempts in the first half of 2009 relied on social engineering schemes that exploited user naivety. The Twitter Porn Name scam is a good example. Users were invited to reveal the name of their first pet, as well as the first street on which they lived. These details are commonly used as backup/security questions. An e-crook possessing a person's username along with these "clues" can easily retrieve a password that he or she can later use to access the account and send spam, access transactions, or use the account in whatever way necessary to make a profit, including demanding a ransom for release of the hijacked account.

“2009 witnessed a wide range of security threats aiming at both end-users and at corporate networks,” Vâlceanu commented. “Extra caution and a highly-rated antimalware solution with antispam, antiphishing and antimalware modules are a must-have for anyone surfing the web in 2010.”

27 December 2009

(Not So) Happy Holidays from Koobface

New variants of Koobface are emerging that attempt to trick Facebook users into downloading "fun" images or gifts associated with the holiday season. Please be careful on all social networks: they are very popular, and therefore a target for malware writers and criminals looking to take advantage of people.

Extract from report:

"Activities associated with Koobface have increased during the month of December. This morning we noticed a trend with some of the domain-based locations making use of the holiday theme. This has included everything from "presents for your pets" to "festive holiday trees" – these are domains that appear legitimate but are not.

When users go to these sites for these happy holiday thoughts – they are instead instantly greeted by having files downloaded to their computers. And voila – a lovely "gift" is attempting to execute upon them. The gift of holiday identity theft!"

23 December 2009

Facebook Hit By Clickjacking Attack

Facebook is cleaning up after a clickjacking attack that infiltrated the social networking site this week -- and security experts say this won't be the last such attack.

Clickjacking, in which an attacker slips a malicious link or malware onto a legitimate Web page that appears to contain normal content, is an emerging threat experts have been warning about.

The attack on Facebook took the form of a comment on a user's account containing a photo that lured the victim into clicking on it. The embedded link took the victim to a Web page that presented itself as a CAPTCHA or Turing test and asked the user to click on a blue "Share" button on the Facebook page (as shown below). Once clicked, the victim is redirected to a YouTube video, and the same post then shows up on the victim's account and thus tries to infect his or her friends. Security experts say the attack appeared to be more of a prank or trial balloon, and it affects only the Firefox and Chrome browsers, according to security expert Krzysztof Kotowicz, who blogged about the attack this week.

Facebook has now blocked the URL to the malicious site, fb.59.to.

Full reports here and here.
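The attack above works only because the page carrying the "Share" button could be loaded inside a frame on the attacker's page. The defensive counterpart is to refuse framing: the X-Frame-Options response header (introduced with IE8 in 2009, not mentioned in the report) and, in later browsers, the Content-Security-Policy frame-ancestors directive, which takes precedence when both are present. Below is an added example, not Facebook's or Kotowicz's code, of a check a site owner can run over response headers to see which pages remain frameable; the sample responses and the policy labels are constructed.

```python
def _csp_frame_ancestors(csp: str):
    """Return the source list of the frame-ancestors directive, or None if absent."""
    for directive in csp.split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            return [p.strip("'\"").lower() for p in parts[1:]]
    return None


def framing_policy(headers: dict) -> str:
    """Classify a response as 'blocked', 'same-origin', 'restricted' or
    'unprotected' with respect to being embedded in a frame.
    Header names are matched case-insensitively."""
    h = {k.lower(): v for k, v in headers.items()}

    # CSP frame-ancestors overrides X-Frame-Options in browsers that support it.
    sources = _csp_frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        if not sources or sources == ["none"]:
            return "blocked"
        if all(s == "self" for s in sources):
            return "same-origin"
        return "restricted"

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "blocked"
    if xfo == "SAMEORIGIN":
        return "same-origin"
    if xfo.startswith("ALLOW-FROM"):
        return "restricted"
    return "unprotected"


# Constructed sample responses (page name -> response headers).
SAMPLE_RESPONSES = {
    "legacy-app": {"Content-Type": "text/html"},
    "share-endpoint": {"X-Frame-Options": "SAMEORIGIN"},
    "login-page": {
        "X-Frame-Options": "SAMEORIGIN",
        "Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'",
    },
    "embeddable-widget": {
        "Content-Security-Policy": "frame-ancestors 'self' https://partner.example",
    },
}


def audit(responses=SAMPLE_RESPONSES) -> dict:
    """Map each page name to its framing policy; 'unprotected' pages with
    state-changing buttons are the clickjacking candidates."""
    return {name: framing_policy(headers) for name, headers in responses.items()}


if __name__ == "__main__":
    for name, policy in audit().items():
        print(f"{name:20s} {policy}")
```

Any page with a button that changes state on a single click (share, like, follow, pay) should come back as blocked or same-origin; the audit is the quick way to find the ones that do not.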

22 December 2009

Twitter attacker had proper credentials

If the earlier report about Twitter's DNS being compromised was bad enough, I guess this would emphasize the severity of the threat.

While Twitter has remained largely quiet on the hour-long hijacking of its domain name, additional information suggests that the attacker had compromised at least one user at the social networking company.

On Thursday, an unknown attacker hijacked Twitter's domain name and redirected visitors to an unrelated site hosting a page claiming Twitter had been hacked by the "Iranian Cyber Army." Evidence indicates, however, that the attackers were able to change the domain-name system (DNS) entries at Twitter's provider, Dyn Inc., said Rod Rasmussen, president and CEO of Internet Identity, an infrastructure security firm which monitors DNS changes.

"First of all the name servers themselves didn't change, so someone was updating things at the provider," Rasmussen said. Because other clients were not showing signs of DNS hijacking, it's unlikely that Dyn itself had been breached, Rasmussen said. "We didn't see anything else at Dyn that indicated signs that the service had been compromised."

On Friday, Dyn confirmed that the attacker had the proper credentials to log into Twitter's account with the company and change the addresses assigned to various hosts in the Twitter.com domain. While some media reports have called the attack a hack or a defacement against the site, neither term applies, said Kyle York, vice president of sales and marketing for the firm.

"From our point of view, no unauthenticated users logged into the system," York said.

20 December 2009

Adobe PDF Reader - Zero Day JavaScript attacks circulating in the wild

Please be careful with all PDF files, keep AV protection updated, and look for future Adobe releases which will address this issue. I usually keep JS off unless it's required to fill out a PDF form.

Adobe PDF Reader - Zero Day attack circulating
http://www.adobe.com/support/security/advisories/apsa09-07.html
http://www.avertlabs.com/research/blog/index.php/2009/12/16/another-adobe-reader-zero-day-take-care/

QUOTE: Adobe has confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild. Adobe recommends customers follow the mitigation guidance below until a patch is available.

HOW TO DISABLE JAVASCRIPT IN ADOBE READER:

Customers can mitigate the issue by disabling JavaScript in Adobe Reader and Acrobat using the instructions below:

1. Launch Acrobat or Adobe Reader.
2. Select Edit > Preferences.
3. Select the JavaScript category.
4. Uncheck the 'Enable Acrobat JavaScript' option.
5. Click OK.
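Disabling JavaScript in the reader, as above, is the mitigation on the endpoint; on the detection side, a triage step that flags PDFs carrying JavaScript or automatic actions lets you quarantine suspect attachments before they reach a reader at all. The script below is an added example, not from Adobe, McAfee Avert Labs or Trend Micro: it counts the /JavaScript, /JS, /OpenAction and /AA names in a PDF, undoing the #xx hex escapes the PDF name syntax permits (so /J#53 is seen as /JS) and inflating FlateDecode streams so content hidden that way is also counted. The sample PDF fragments are constructed. It is an indicator check rather than a parser, so a hit means "inspect", not "malicious"; plenty of legitimate forms use JavaScript.

```python
import re
import zlib

# Names that indicate script or automatic-action content in a PDF.
INDICATOR_NAMES = (b"JavaScript", b"JS", b"OpenAction", b"AA")
_NAME_PATTERN = re.compile(rb"/(" + b"|".join(INDICATOR_NAMES) + rb")\b")


def _unescape_names(data: bytes) -> bytes:
    """PDF names may hex-escape characters (/J#53 == /JS); undo that so
    obfuscated names are still matched."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)


def _inflate_streams(data: bytes):
    """Yield the decompressed body of every stream that is Flate-encoded;
    anything else (images, non-Flate filters, corrupt data) is skipped."""
    for m in re.finditer(rb"stream\r?\n(.*?)endstream", data, re.DOTALL):
        try:
            # decompressobj tolerates trailing bytes before 'endstream'.
            yield zlib.decompressobj().decompress(m.group(1))
        except zlib.error:
            continue


def pdf_indicators(data: bytes) -> dict:
    """Count indicator names in the raw file and inside inflated streams."""
    counts = {name.decode(): 0 for name in INDICATOR_NAMES}
    chunks = [_unescape_names(data)]
    chunks.extend(_unescape_names(s) for s in _inflate_streams(data))
    for chunk in chunks:
        for m in _NAME_PATTERN.finditer(chunk):
            counts[m.group(1).decode()] += 1
    return counts


def is_suspicious(data: bytes) -> bool:
    """Flag any PDF that carries JavaScript, hidden or not."""
    c = pdf_indicators(data)
    return (c["JavaScript"] + c["JS"]) > 0


# Constructed samples: a plain document, one with an auto-run script whose
# /JS key is hex-escaped, and one with the script inside a Flate stream.
BENIGN = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj
2 0 obj << /Type /Pages /Kids [] /Count 0 >> endobj
trailer << /Root 1 0 R >>
%%EOF"""

SCRIPTED = b"""%PDF-1.4
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >> endobj
3 0 obj << /S /JavaScript /#4A#53 (app.alert('hello')) >> endobj
trailer << /Root 1 0 R >>"""

_INNER = b"<< /S /JavaScript /JS (this.print()) >>"
_BODY = zlib.compress(_INNER)
COMPRESSED = (b"%PDF-1.4\n4 0 obj << /Length " + str(len(_BODY)).encode()
              + b" /Filter /FlateDecode >>\nstream\n" + _BODY
              + b"\nendstream\nendobj\n")


if __name__ == "__main__":
    for label, blob in [("benign", BENIGN), ("scripted", SCRIPTED), ("compressed", COMPRESSED)]:
        print(label, pdf_indicators(blob), "suspicious" if is_suspicious(blob) else "clean")
```

Pointing this at a mail gateway's attachment queue and routing hits to a sandbox or a JavaScript-disabled viewer keeps the rest of the flow untouched while the vendor patch is pending.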

19 December 2009

Twitter investigates DNS hijack

Twitter, the popular micro-blogging network, welcomed visitors on Thursday night with a page claiming that the site had been hacked by defacers with links to Iran.

In reality, the company's domain name had been hijacked by the vandals and visitors redirected to an unrelated site hosting the page. Passive domain-name service (DNS) records showed the DNS poisoning, as Twitter's record pointed first to two domains registered in Moldova and then to a domain registered to an undisclosed person in Pompano Beach, Florida, according to information posted by the SANS Internet Storm Center.

Twitter acknowledged the issue late last night, following earlier media reports.

Defacement was claimed to be done by the "Iranian Cyber Army," but another message -- translated from Farsi by Google's automated translation engine -- reportedly claimed the attack was motivated by the U.S. and Twitter's interference in "my country," suggesting the attacker was an individual.
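The two Twitter DNS entries above (22 and 19 December) turn on one distinction Rasmussen draws: the zone's name servers did not change, only the host records held at the provider did, which points to a compromised provider account rather than a registrar- or registry-level hijack. The following is an added example, not code from Twitter, Dyn or Internet Identity, of how a monitor could make that distinction from a series of DNS observations of the kind passive DNS collects. The snapshots, timestamps, hostnames and IP addresses (documentation ranges) are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class ZoneSnapshot:
    seen_at: str            # timestamp of the observation (constructed)
    nameservers: frozenset  # NS records at the zone apex
    a_records: dict         # hostname -> frozenset of IPv4 addresses


def classify_change(before: ZoneSnapshot, after: ZoneSnapshot):
    """Return (kind, detail). A change in the NS set means the delegation
    itself moved (registrar/registry level); a change in host records
    under the same name servers means someone edited the zone at the
    existing provider, which is what stolen provider credentials allow."""
    if before.nameservers != after.nameservers:
        return "nameserver-change", set(after.nameservers - before.nameservers)
    hosts = set(before.a_records) | set(after.a_records)
    changed = {
        h for h in hosts
        if before.a_records.get(h, frozenset()) != after.a_records.get(h, frozenset())
    }
    if changed:
        return "provider-record-change", changed
    return "unchanged", set()


def detect_events(snapshots):
    """Walk consecutive observations and report every transition that changed
    the zone, as (seen_at, kind, sorted detail)."""
    events = []
    for before, after in zip(snapshots, snapshots[1:]):
        kind, detail = classify_change(before, after)
        if kind != "unchanged":
            events.append((after.seen_at, kind, sorted(detail)))
    return events


# Constructed observations mirroring the story: www moves twice, then is restored,
# while the NS set stays the same throughout.
_NS = frozenset({"ns1.provider.example", "ns2.provider.example"})
_API = frozenset({"192.0.2.20"})
OBSERVATIONS = [
    ZoneSnapshot("2009-12-17T20:00Z", _NS, {"www": frozenset({"192.0.2.10"}), "api": _API}),
    ZoneSnapshot("2009-12-18T03:00Z", _NS, {"www": frozenset({"198.51.100.7"}), "api": _API}),
    ZoneSnapshot("2009-12-18T03:30Z", _NS, {"www": frozenset({"203.0.113.44"}), "api": _API}),
    ZoneSnapshot("2009-12-18T04:10Z", _NS, {"www": frozenset({"192.0.2.10"}), "api": _API}),
]

# Constructed counter-example: the delegation itself is moved to other servers.
REGISTRAR_CASE = ZoneSnapshot(
    "2009-12-18T03:00Z",
    frozenset({"ns1.other.example", "ns2.other.example"}),
    OBSERVATIONS[0].a_records,
)


if __name__ == "__main__":
    for seen_at, kind, detail in detect_events(OBSERVATIONS):
        print(seen_at, kind, detail)
    print(classify_change(OBSERVATIONS[0], REGISTRAR_CASE))
```

The two kinds of event call for different first responses: a nameserver change is raised with the registrar, a record change under unchanged name servers starts with the provider account and its credentials, which is exactly where Dyn's confirmation landed.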

18 December 2009

There's No Such Thing as a Free Movie

Those looking to see the latest 3D blockbuster movie, The Avatar, on the cheap will have to take great care in what they search for. We have become aware of at least one site that has been rigged to redirect users to a page that presents the now-familiar "play video/need codec" screen. In an unusual twist, this time it is offering a new ActiveX update rather than the usual codec or Flash player updates.

Read on to see what new tricks these scammers have up their sleeves.

02 December 2009

Koobface Botnet - New Christmas Theme

Facebook and other users of web 2.0 social networks should be careful and avoid unusual messages or spammed comments on their sites, as a new variant of the Koobface worm is circulating with a Christmas-based theme.

The Koobface botnet, one of the most efficient social-engineering-driven botnets, is entering the Xmas season with a newly introduced template spoofing a YouTube video page, which entices the visitor into installing a bogus Adobe Flash Player update (New Koobface campaign spoofs Adobe's Flash updater). This remains one of the most popular social engineering tactics used by the botnet master.

Full report here:
http://blogs.zdnet.com/security/?p=5001

Bit.ly steps up security

Bit.ly, one of the most popular URL shortening services, announced it will be integrating three new security-related services by the end of the year:

1. Websense's ThreatSeeker Cloud security-as-a-service solution - to analyze and categorize the Web sites and content behind millions of shortened bit.ly URLs created daily to protect end users from "spammy URLs, malicious content and phishing sites."

2. VeriSign’s iDefense IP reputation service - to detect malware and "blacklist URLs, domains, and IP addresses which host exploits, malicious code, command and control servers, drop sites and other nefarious activity."

3. Sophos' security service - to identify malware and spam by using behavioral analysis.

Very good news, indeed!